On 25 Feb 2005, at 11:52 AM, Rick van Rein wrote:
> The specification of the MPI format has a *flaw* that forces compliant
> implementations to do more work than desired or intended. This is
> outright embarrassing in a standard.
Perhaps I'm just stupid, but I don't see what the ambiguity is, or what
needs to be fixed, other than that you've changed the explanatory
example. Especially with Ben Laurie's comment that unused bits MBZ, I
don't see any room for even willful error in it.
This language has been sitting in 2440 and followons since '97. No one
has ever had a problem implementing it, no one has had an
interoperability issue with bignums. Not PGP, nor GnuPG, nor Hushmail,
nor Cryptix, nor Forum, nor Bouncy Castle, nor anyone else.
I know I'm in the fog of jetlag and flu, but I don't see how your
example of [00 05 22] could possibly be interpreted as a decimal 17. I
can see how you might think it 0x22 (decimal 34) with a bad length, or
a 2 with a bad length and garbage in the unused bits (now clarified by
Ben Laurie). I think that the point you're trying to make is that it is
conceivable that [00 05 31] is a 17.
However, the existing text says:

    These octets form a big-endian number; a big-endian number can be
    made into an MPI by prefixing it with the appropriate length.

and

    The length field of an MPI describes the length starting from its
    most significant non-zero bit. Thus, the MPI [00 02 01] is not
    formed correctly. It should be [00 01 01].

Even without the MBZ clarification, I think this tells us that the
*natural* formation of a 17 as an MPI to be [00 05 11]. The second
paragraph says that [00 06 11] is not legal because the sixth bit of
0x11 is zero, and that [00 05 31] is not legal because that sixth bit
is now the most significant non-zero bit. Bis13 (which presently only I
have) adds in:
    Unused bits of an MPI MUST be zero.
which seems to me to remove all realms for misinterpretation.
The first paragraph shows that the natural way to form an MPI would
bring you to [00 05 11]. The second shows that [00 05 i] where i > 0x1f
is not legal. Please help me understand how I would evaluate [00 05 22],
[00 05 44], and [00 05 88] to be a 17. Without the MBZ clarification, I
can see how they might naively be seen to be 2, 4, and 8 respectively,
but I think that the MBZ clarification removes even the naive
misunderstanding. I just don't see how they're 17. Let me know and I'll
fix it, really I will.
Jon
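The rules quoted above (length counted from the most significant non-zero bit, unused bits zero) pin down exactly one encoding per integer. The following Python is an added example, not code from this thread or from any of the implementations named in it, showing a strict MPI encoder and decoder that rejects every malformed form discussed ([00 02 01], [00 06 11], [00 05 31], [00 05 22] and friends); the function names are my own.

```python
# Added example: canonical OpenPGP MPI handling as described in the quoted RFC 2440 text.
# Wire form: two-octet big-endian bit length, then the big-endian magnitude octets.

def mpi_encode(value: int) -> bytes:
    """Encode a non-negative integer as the one canonical MPI for it."""
    if value < 0:
        raise ValueError("MPI cannot encode a negative number")
    bit_len = value.bit_length()                     # 0 encodes as [00 00] with no octets
    octets = value.to_bytes((bit_len + 7) // 8, "big")
    return bit_len.to_bytes(2, "big") + octets


def mpi_decode(data: bytes) -> int:
    """Parse exactly one MPI, refusing any non-canonical encoding."""
    if len(data) < 2:
        raise ValueError("MPI header truncated")
    bit_len = int.from_bytes(data[:2], "big")
    body = data[2:]
    expected_octets = (bit_len + 7) // 8
    # Octet count must match the declared bit length: catches a leading zero octet
    # such as [00 05 00 11], which the bit-length check below would not see.
    if len(body) != expected_octets:
        raise ValueError(
            f"length field {bit_len} implies {expected_octets} octets, got {len(body)}")
    value = int.from_bytes(body, "big")
    # The length field must point at the most significant non-zero bit.
    # [00 06 11]: declared sixth bit is zero.  [00 05 31], [00 05 22]: a set bit
    # lies above the declared length (the "unused bits MUST be zero" rule).
    if value.bit_length() != bit_len:
        raise ValueError(
            f"declared {bit_len} bits but magnitude has {value.bit_length()}")
    return value


def is_canonical(data: bytes) -> bool:
    """True only if data parses strictly and re-encodes to the same octets."""
    try:
        return mpi_encode(mpi_decode(data)) == data
    except ValueError:
        return False
```

A lenient decoder that silently masked or re-measured the value would accept several different octet strings for the same number, which is exactly the wiggle room a signature or key fingerprint should not have.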